Android Apps Can Access, Copy Photos Stored on Your Phone

[Jack]

Android users have been warned that applications could be sending back photos stored on their phone to remote servers without their permission in yet another major security worry for the popular operating system, according to a New York Times report.

The issue revolves around a permissions loophole that grants third-party app developers the ability to copy users photos to a remote server without notice, as long as a user given the app consent to access the internet.

Google has admitted the loophole exists and may consider changing its approach, according to the report.

“We originally designed the Android photos file system similar to those of other computing platforms like Windows and Mac OS,” a Google spokesman told the NYTimes via e-mail. “At the time, images were stored on a SD card, making it easy for someone to remove the SD card from a phone and put it in a computer to view or transfer those images. As phones and tablets have evolved to rely more on built-in, nonremovable memory, we’re taking another look at this and considering adding a permission for apps to access images. We’ve always had policies in place to remove any apps on Android Market that improperly access your data.”

Read more

 

[Vextor]

I think Android's getting more and more insecure. Eventually Android going to be overrun with malware that exploit it completely. Also, with the updates not coming to every device, its going to explode.

 

[WinAndLinuxTutorials]

Avast's firewall can prevent the pictures from being sent to a remote server, isn't it?

 

[Jack]

Avast's firewall can prevent the pictures from being sent to a remote server, isn't it?

Yes, it should however it's really easy to prevent this type of attacks ... Do some research before installing a app. and you should be fine.
Always have in mind that if it's sound too good to be truth ( like NFS 2012 for FREE) than most likely is and install apps. only from the Android market.
Overall a unwanted loophole which needs to be fixed by Google..... Don't know if cyber criminals are really interested in you pics but it needs a fix.

 

[MrXidus]

I've got a rooted Android therefor using Avast's Firewall with custom rules.

Also if you're a user of Cyanogen Mod Nightly. You have access to a great feature called Phone Goggles. (Filter outgoing communications) which I have also set up.

Nothing on my Android gets to communicate unless I approve of it. Thanks.

 

[Ink]

More developers are making "Apps" which require more access to YOUR data. This happens on Facebook and soon it will on every device too.

You might want to check out their Privacy Policies too.

Example:

Popular Facebook game = Farmville by Zynga ( http://company.zynga.com/about/privacy-center/privacy-policy )

 

[WinAndLinuxTutorials]

Wait... Does all 3rd party apps have access to the picutures on the Android phone?